As cybersecurity incidents increase on its family of apps, Facebook has launched a new web page where it will document all vulnerabilities and bugs reported and fixed in WhatsApp. The new WhatsApp web page with security advisories will let users and security researchers know when Facebook patched a major security hole.
The advisory page provides a comprehensive list of WhatsApp security updates and associated Common Vulnerabilities and Exposures (CVE). The ‘WhatsApp Security Advisories 2020' updates currently list six vulnerabilities that were found and patched in its Android, Desktop and video call services.
"We are very committed to transparency and this resource is intended to help the broader technology community benefit from the latest advances in our security efforts," Facebook said.
"We strongly encourage all users to ensure they keep their WhatsApp up-to-date from their respective app stores and update their mobile operating systems whenever updates are available".
In 2016, Facebook completed the rollout of end-to-end encryption utilising the Signal Protocol designed by Open Whisper Systems.
"We do not store private messages on our servers once we deliver them, and for added security we provide two-step verification to protect against unauthorized account access.
"If you lose access to your WhatsApp account, the messages you previously received will remain on your phone and will not be available elsewhere," Facebook explained.
Facebook is working with leading security firms to conduct reviews of its practices and code and engage external researchers through the Bug Bounty Programme to help it find and fix security issues.
"Due to the policies and practices of app stores, we cannot always list security advisories within app release notes," the social network said.
Facebook currently publishes WhatsApp release notes on the iOS and Google Play Store pages.